Force FileVault to use 256-bit key encryption

macos filevault mojave

Solution 1:

Most documentation I'm finding seems to indicate that the key's used in macOS 10.9 and higher use a 256 bit key by default.

Encryption and authentication support

FileVault 2 uses the Advanced Encryption Standard (AES) encryption algorithm, which delivers robust protection for stored data. Until mid-2013, it only supported the use of 128-bit keys, not 256-bit keys. Although 128-bit keys are technically acceptable in many environments, organizations are rapidly moving toward 256-bit keys to thwart emerging threats.

The latest versions of Mac OS X, starting with 10.9, support 256-bit AES keys, so organizations wishing to enable FileVault 2 on legacy systems should be cautious about the 128-bit key strength present in older Mac OS X versions, Lion (10.7) and Mountain Lion (10.8).

Reference: Apple FileVault 2: Full disk encryption software overview

This PDF and the Wikipedia page seem to indicate this as well.

  • macOS Security - Overview for IT 2018
  • Wikipedia - FileVault

Related

Shorcut to show all Finder windows
kernel_task, high CPU and fans going crazy, no applications open, no launch agents/daemons
How to copy my iPhone contacts to my sim card? (without Jailbreak)
Is it possible to force a Mac *.webloc file to open in a new Chrome window instead of a new tab in an existing window?
Can the 2011 Mac-Mini (not the Server Edition) Support an Additional Hardisk, SSD?
Macbook Pro: One USB-C port only works for charging devices
Can not boot into Windows 10 with Boot Camp after partitioning more space to Windows in Disk Utility
Stop my old iPhone from backing up
Reinstalling a MacBook Pro w/Lion (10.7.2), when previous owner died, can it be done? What do I need?
Sync multiple macs together (which is better iCloud, Dropbox, Google Drive or OneDrive?)
In Safari, can a set of bookmarks in a folder be opened programmatically (e.g. using AppleScript)?
How do I access the user Library from a Time Machine backup? [duplicate]